From 2b01d2fe76ccaa91e3458bc16c0633bb4fae640f Mon Sep 17 00:00:00 2001 From: jasquat Date: Thu, 20 Oct 2022 11:49:58 -0400 Subject: [PATCH] fixed authentication_callback and getting the user w/ burnettk --- src/spiffworkflow_backend/api.yml | 3 ++- src/spiffworkflow_backend/routes/process_api_blueprint.py | 3 +-- src/spiffworkflow_backend/routes/user.py | 5 +++-- src/spiffworkflow_backend/services/authorization_service.py | 2 +- tests/spiffworkflow_backend/integration/test_process_api.py | 2 +- 5 files changed, 8 insertions(+), 7 deletions(-) diff --git a/src/spiffworkflow_backend/api.yml b/src/spiffworkflow_backend/api.yml index 9eb8fb45..489b00fc 100755 --- a/src/spiffworkflow_backend/api.yml +++ b/src/spiffworkflow_backend/api.yml @@ -1,11 +1,12 @@ openapi: "3.0.2" info: version: 1.0.0 - title: Workflow Microservice + title: spiffworkflow-backend license: name: MIT servers: - url: http://localhost:5000/v1.0 +# this is handled in flask now security: [] # - jwt: ["secret"] # - oAuth2AuthCode: diff --git a/src/spiffworkflow_backend/routes/process_api_blueprint.py b/src/spiffworkflow_backend/routes/process_api_blueprint.py index c6ac2b20..aa9152f7 100644 --- a/src/spiffworkflow_backend/routes/process_api_blueprint.py +++ b/src/spiffworkflow_backend/routes/process_api_blueprint.py @@ -828,7 +828,7 @@ def authentication_callback( auth_method: str, ) -> werkzeug.wrappers.Response: """Authentication_callback.""" - verify_token(request.args.get("token")) + verify_token(request.args.get("token"), force_run=True) response = request.args["response"] SecretService().update_secret( f"{service}/{auth_method}", response, g.user.id, create_if_not_exists=True @@ -885,7 +885,6 @@ def process_instance_report_show( # @process_api_blueprint.route("/v1.0/tasks", methods=["GET"]) def task_list_my_tasks(page: int = 1, per_page: int = 100) -> flask.wrappers.Response: """Task_list_my_tasks.""" - print("WE LIST") principal = find_principal_or_raise() active_tasks = ( 
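Review bot: The new comment `# this is handled in flask now` above `security: []` does not say what is handled or where, and with an empty `security` list the spec itself declares no authentication, so a reader of api.yml has nothing to follow. I would spell it out, for example `# no OpenAPI security schemes: tokens are verified in Flask by verify_token (routes/user.py)`, assuming that is the check meant.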
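Review bot: `authentication_callback` uses `g.user.id` right after `verify_token(request.args.get("token"), force_run=True)` without checking that the call left a user on `g`; `verify_token` is typed to return `Optional[...]` and its body is not in this diff, so whether every non-raising path sets `g.user` cannot be confirmed here. Because this commit also exempts the route from the request-level check, this call is the route's only authentication, and it should fail closed: `if getattr(g, "user", None) is None:` followed by raising the 'no_user' ApiError that `verify_token` documents, before `SecretService().update_secret(...)` runs. The token still arrives in the query string, where it can end up in access logs and browser history, so it should be short-lived and kept out of request logging. The function's signature and the rest of its body are outside the hunk.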
diff --git a/src/spiffworkflow_backend/routes/user.py b/src/spiffworkflow_backend/routes/user.py index 3099cb5c..0f6a8d3c 100644 --- a/src/spiffworkflow_backend/routes/user.py +++ b/src/spiffworkflow_backend/routes/user.py @@ -29,7 +29,7 @@ from spiffworkflow_backend.services.user_service import UserService # authorization_exclusion_list = ['status'] def verify_token( - token: Optional[str] = None, + token: Optional[str] = None, force_run: Optional[bool] = False ) -> Optional[Dict[str, Optional[Union[str, int]]]]: """Verify the token for the user (if provided). @@ -37,6 +37,7 @@ def verify_token( Args: token: Optional[str] + force_run: Optional[bool] Returns: token: str @@ -45,7 +46,7 @@ def verify_token( ApiError: If not on production and token is not valid, returns an 'invalid_token' 403 error. If on production and user is not authenticated, returns a 'no_user' 403 error. """ - if AuthorizationService.should_disable_auth_for_request(): + if not force_run and AuthorizationService.should_disable_auth_for_request(): return None if not token and "Authorization" in request.headers: diff --git a/src/spiffworkflow_backend/services/authorization_service.py b/src/spiffworkflow_backend/services/authorization_service.py index 9ee021a3..b9353686 100644 --- a/src/spiffworkflow_backend/services/authorization_service.py +++ b/src/spiffworkflow_backend/services/authorization_service.py @@ -202,7 +202,7 @@ class AuthorizationService: @classmethod def should_disable_auth_for_request(cls) -> bool: """Should_disable_auth_for_request.""" - authentication_exclusion_list = ["status"] + authentication_exclusion_list = ["status", "authentication_callback"] if request.method == "OPTIONS": return True diff --git a/tests/spiffworkflow_backend/integration/test_process_api.py b/tests/spiffworkflow_backend/integration/test_process_api.py index d95d3d77..784954f4 100644 --- a/tests/spiffworkflow_backend/integration/test_process_api.py 
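Review bot: `force_run: Optional[bool] = False` in the new `verify_token` signature advertises `None` as a valid value although the only use is `if not force_run and ...` in the hunk at `@@ -45,7 +46,7 @@`; `*, force_run: bool = False` is the accurate type and, being keyword-only, keeps a flag that changes authentication behaviour from being passed positionally by accident. The docstring line added at `@@ -37,6 +37,7 @@`, `force_run: Optional[bool]`, repeats the type without the meaning; I would write `force_run: verify the token even when should_disable_auth_for_request() exempts this request`. The rest of `verify_token` lies outside these hunks.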
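Review bot: Adding `"authentication_callback"` to `authentication_exclusion_list` turns off the request-level check for that route, so its protection now rests entirely on the handler's own `verify_token(..., force_run=True)` call in process_api_blueprint.py, and nothing on this line records that dependency. A comment such as `# authentication_callback is exempt here because the handler calls verify_token(force_run=True) itself` would stop a later cleanup of either side from leaving the route open. How the list is matched against the request is outside the hunk; if it compares bare view-function names, any other view given this name would be exempt as well, which is worth confirming. The commit's only test change is a comment edit, so an integration test asserting that the callback rejects a missing or invalid token would pin the behaviour.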
+++ b/tests/spiffworkflow_backend/integration/test_process_api.py @@ -1135,7 +1135,7 @@ class TestProcessApi(BaseTest): assert len(task_events) == 1 task_event = task_events[0] assert task_event.user_id == with_super_admin_user.id - # TODO: When with_super_admin_user tasks work, we need to add some more assertions for action, task_state, etc. + # TODO: When user tasks work, we need to add some more assertions for action, task_state, etc. def test_task_show( self,